January 28, 2006
There are a multitude of variables to the art and science of an espresso shot. The bean, the roast, the freshness, the packing of the grinds, the temperature, the length of pull... The difference between a good and a great shot is potentially infinite, and perhaps meaningful only to those willing to create the meaning themselves. The difference between a good shot and a bad shot on the other hand can often be reduced to one, and only one factor, how clean what is apparently called the portafilter is.
The portafilter is that handle thing with a metal cup on the end where the espresso is packed in. As the name implies its where the espresso is filtered, and its also often where it goes wrong. Next time you order your favorite espresso drink watch how the baristas make it. In New York at least odds are they'll follow a pattern, pull, knock knock the grinds out over some metal bar on top a trash receptacle, pack in the grinds and start again. Knock knock, brew, repeat. Each time this is done a layer of residue from the previous round is left in the portafilter. Grinds from which the cream of the bean has been extracted. Grinds from which something will be extracted into your drink. Something bitter.
Maybe it sounds petty, but the fact is you can clearly taste the difference, a clean portafilter pretty much ensures a decent pour. There is all sorts of variation, space for the pour to approach perfection in the hands of a master, but none of these variables have anything near the effect of the difference between a clean a dirty portafilter. Watch the barista, if they clean the portafilter with hot water, or wipe it out thoroughly with a rag, you'll get a decent espresso shot, if they knock knock and reload you'll be be drinking a bitter brew. So yeah, that makes this a plea, to all the coffee shop owners and baristas out there, please, please clean the damn portafilter!
January 27, 2006
The Future of Effective Phishing
It happens every six months or so, I get an email, a piece of spam, or more accurately a phishing email. Well actually I get those everyday, usually purporting to be from eBay or Paypal (which of course are one the same as a corporate entity). What I get every six months is a phishing email that makes me stop and think, that I almost click on. The latest was a nearly flawless reproduction of an eBay request for more info on a bid item. If my last active auction was something a bit less than six months ago, I may well have clicked. Instead I started to wonder, how good will these things get?
The first phishing email I ever saw was pitiful, it claimed to be from Citibank, but was written in a language more akin to h4×0r with all the poetics stripped out. Of course the phishers quickly learned that Citibank uses a particular form highly proofread english adapted rather quickly. It was maybe six months later that I became aware that phishing might actually work. I logged into my Citibank account and noticed a message warning customers about phishing scams. What was striking about it was not the warning, but the casual tone that Citibank included the word "phishing" in its highly proofread english. The word was getting tossed around as if they assumed their customers knew what it meant, yet at the time I barely recognized it and I would hazard to guess I'm far more internet culture literate than a vast majority Citibank customers. Clearly phishing was something the bankers were talking about and talking about a lot. Right around this time they also changed their interaccount transfer feature, sealing up a particularly phishing friendly way to move money out of their system and it seems directing the phishers on towards eBay and beyond.
What happens when phishing meets social networks? The past four or five years or so have lead an entire generation, one that includes me, to leave a vast data trail across the internet. Information about who is friends with who, information on what you are interested in, what books you've read, even information on how you write and how you converse in text. Lets leave aside everything that the merchants and search engines have collected, cause that's a whole other story. Just the information that's public or semipublic is more than enough to weave a nasty phishing tale. For instance I just told the world where I bank, and this site is riddled with facts that occasionally come up in conversations with aquaintences. Facts that I find slightly startling they know, despite knowingly having published them myself.
If you get an email from a friend, in their writing style, containing accurate info about yourself, is that an email you can trust? I no longer trust any email claiming to come from any institution that has its fingers in my money somehow. I click on the legitimate ones with extreme caution, checking the links, viewing the source, often I don't click at all, I go to their front pages and log in manually. What happens when email is no longer trusted at all? Is effective phishing what it will take to finally have a popular secure email (call it smail or semail) format take off? Or can the phish be driven to extinction?